Symantec has been signed up to protect Symbian Series 60 users from the growing threat of smartphone viruses. Nokia has entered a pact with Symantec to help secure its mobile phones from viruses that target certain kind of handsets.
Nokia Reacts to Mobile Virus Threat
2005-10-08 11:12 amAndrew Youll
prevent certain types of code like what… commands like?
rm / del
well what if someone wants to remove a java game from their phone and they’re presented with the message “The Action You Are Atempting To Perform Is Classed As Malicious And As Such Has Been Blocked” that will seriously begin to get on peoples nerves after a while.
The form of prevention you’ve come up with isnt even present on *nix, and I can’t see it working in a real environment without seriously hindering what people can do, the best way to prevent these viruses is either with, requiring confirmation of action (as it is now) or with an anti-virus app that has a scanner running continuously much like what most windows AV apps have that launch on boot. Or could make Symbian Multi-user but that would bog down the OS more than a single AV app, as how many phones require more than one user account?
2005-10-08 12:19 pmWintermute
While the GP’s solution might seem a bit akward. I think, you have to agree that rather than making deals with symantec, nokia should aim to improve the core design of its OS in order to reduce the risk of getting infected. While I can’t give you specific suggestions, I am sure people more knowledgeable about OS design will be able to point out flaws that could be fixed in symbianOS. I don’t perhaps, appilcation profiles (a multimedia application can only do a bluetooth search for max 3 min/hour). I am sure something can be done to make then original design more secure.
It almost seems as if Nokia wants to use an anti-virus as a feature. You know “hey, we have an anti-virus to protect you!” Just shows the state of the IT industry. The fact that you are forced to use an anti-virus should be seen as drawback rather than a feature.
2005-10-08 1:16 pmRonald Vos
Actually, prevention of malicious code *is* present in some form on *nix. For example OpenBSD’s write XOR execute, preventing almost all buffer overflows.
Besides that, it isn’t exactly impossible to write a virus-retardant single user OS. Virusses already have a hard time on Symbian. That ‘researchers’ suggest real virusses will only hit the platform by 2008 means there’s plenty of time for them to make it even harder, without requiring constant virus definition updates to your phone.
buffer overflows isnt so much a virus problem as a software design problem.
and these “viruses” aimed at symbian phones are worms more then viruses. a virus infects a file by basicly doing the same thing as a software patch does. it adds code to the binary. and when the binary is then executed on a computer the added code goes looking for other binarys to “infect”.
a worm on the other hand travels over networks, looking for known security holes. then it uses said security hole to transfer a binary over to the target computer. then the transferd binary gets executed and goes looking for yet more computers to attack.
in this case the security hole is a social engineering one. and those will allways be present as long as people can download software to their devices.
never forget, humans are allways the weakest link in computer security. or any other security for that matter.
Security such as this is provided by the wireless provider to protect all their subscribers, not just a select few. At least it is with Rogers in Canada who provides GSM and EDGE service. After all whether transmiting or receiving voice/data/sms you’re signal is going through the wireless provider, not a third party. The only exception is if you have a device such as an IPaq 6325 that offers WiFi and you chose to connect through another provider for data access.
I can’t wait to upgrade my cell phone to a P 5 so I can run a symantec AV and maybe some anti-spam to make a call…
As platform gets more and more popular, it suddenly becomes inherently less and less secure.
Who would thought?
For the love of God no! >_<
Symantic has sucessfully managed to fail to protect every person who has bought it. All they sell is a false sense of security.
phones should be simple. if they are not, or programmed/designed so badly that virused can exist – why would i want one?
Well, now we have a market for anti-virus software on mobile phones. Well done Symantec, you keep me thinking that you have a bunch of black hooded rouge programmers pumping out the viruses locked up somewhere in the basement
Is this totally useless, or what?
WHAT virusses? There are like 3 out there, that mostly failed to spread, because you have to be a total dufus to get them installed. It takes circa 3 confirmations from the user to be succesfully installed after all.
If instead of bogging down mobile phones with superfluous software and turning mobile phones into crappy molassesware like most Windows computer, they’d actually make it impossible for virusses to spread on phones? Like, I dunno, preventing certain types of code from execution?